shared/apm.md: support multiple GitHub Apps per workflow for multi-org private packages

[danielmeppiel]

Summary

shared/apm.md currently exposes a single app-id/private-key/owner/repositories set per import (added in #982). For workflows that need to fetch private APM packages from multiple orgs using different GitHub Apps per source org, that's not enough.

Two structural blockers prevent simply importing shared/apm.md multiple times:

1. Job name collision — gh-aw's import resolver merges jobs by key. The shared workflow defines jobs.apm: (fixed name), so a second import would clobber the first.
2. actions/create-github-app-token is single-owner — one mint = one installation token = one owner. Multi-org access in a single token isn't possible without a cross-org GitHub App installation.

Use case

A team consumes APM packages from multiple private orgs they don't own, each requiring its own GitHub App installation:

# Hypothetical, NOT supported today
imports:
  - uses: shared/apm.md
    with:
      apps:
        - app-id: ${{ vars.ACME_APP_ID }}
          private-key: ${{ secrets.ACME_APP_PRIVATE_KEY }}
          owner: acme-org
          repositories: acme-skills
          packages:
            - acme-org/acme-skills/skills/code-review
        - app-id: ${{ vars.BETA_APP_ID }}
          private-key: ${{ secrets.BETA_APP_PRIVATE_KEY }}
          owner: beta-org
          packages:
            - beta-org/beta-pkg
      packages:                  # public, no app needed
        - microsoft/apm-sample-package

Workarounds available today

• One workflow per source org, each importing shared/apm.md with its own credentials. Works, but splits the agent run.
• One GitHub App installed in every source org (single app-id/private-key shared across orgs). Still requires a separate owner per token mint, so multiple mint steps in a forked shared/apm.md.
• Fork shared/apm.md locally to chain N create-github-app-token + N apm-action pack steps against the same workspace. Tractable for 2-3 orgs, ugly beyond.

Design constraints

• gh-aw import-schema documents that object inputs allow "one-level deep sub-fields" — arrays-of-objects are not cleanly supported and would need verification.
• Dynamic step generation in static YAML is awkward; a matrix-strategy redesign or a dedicated composite action wrapping microsoft/apm-action may be required.
• Bundle merging across multiple pack runs needs to be defined (sequential append vs. separate artifacts).

Possible designs (non-exhaustive)

1. Matrix-strategy pack — generate one matrix cell per app group, each cell mints its own token and packs its own bundle, then a final merge job concatenates artifacts.
2. Composite action wrapper — a new action that takes a structured apps: input, mints tokens, and invokes microsoft/apm-action once per group.
3. Documented multi-workflow split — codify "one workflow per source org" as the supported pattern and don't extend shared/apm.md.

Out of scope for #982

#982 lands the single-app case (the most common path off the deprecated dependencies.github-app form). This issue tracks the broader multi-app/multi-org case as a follow-up.

Acceptance

• A documented, supported way to consume private APM packages from N orgs with N different GitHub Apps in a single agentic workflow, OR
• A clear "use one workflow per source org" recommendation in the docs if multi-app within one workflow is not pursued.

[danielmeppiel]

Design Proposal: Multi-org GitHub App auth in shared/apm.md

Tracking: microsoft/apm#983
Predecessor: microsoft/apm#982 (single-app — first-class, kept)
Disposition: APPROVED for execution as a two-PR sequence

---

TL;DR

Add apps: (array of GitHub App credential groups) to shared/apm.md's import-schema, fan out one matrix replica per group in the apm job, and consume all resulting bundles in a single multi-bundle restore step. Each replica mints its own installation token via actions/create-github-app-token, packs only its declared packages, and uploads a uniquely-named artifact. Pre-agent-steps download all apm-* artifacts and restore them via a new bundles-file: input on microsoft/apm-action.

The single-app top-level form (app-id, private-key, owner, repositories) shipped in #982 stays first-class as the canonical shorthand for the common case. apps[] is purely additive.

---

Problem

shared/apm.md exposes a single app-id/private-key/owner/repositories set per import. Workflows that consume APM packages from multiple orgs, each gated by a distinct GitHub App installation, have no supported path:

1. Importing shared/apm.md twice collides on the fixed jobs.apm: name (gh-aw merges imported jobs by key — see pkg/parser/import_field_extractor.go:360-363).
2. actions/create-github-app-token mints one installation token per call (single-owner scope).

Constraints validated against gh-aw upstream

• import-schema supports array of object items; validateImportInputType recurses into items via validateObjectInput (pkg/parser/import_field_extractor.go:603-722). Arrays-of-objects with named scalar sub-fields are valid.
• ${{ github.aw.import-inputs.<array> }} substitutes as inline JSON (substituteImportInputsInContent, pkg/parser/import_field_extractor.go:798-812). ${{ secrets.X }} references inside user-supplied values pass through as literal strings; GA evaluates them at runtime.
• matrix.<key>: ${{ fromJSON(needs.<job>.outputs.matrix) }} is a GA-canonical pattern for dynamic matrices.

Approach

Three-stage pipeline inside the existing apm reusable workflow:

1. apm-prep (new, single job, no matrix): normalize packages: + top-level single-app inputs + apps[] into one canonical list of credential groups; emit as JSON output.
2. apm (existing, with strategy.matrix): one replica per group, conditional token mint, pack, upload artifact named apm-<group-id>.
3. pre-agent-steps (existing, augmented): download all apm-* artifacts, validate against the matrix manifest, restore in a single apm-action invocation with the new bundles-file: input.

---

Final architecture

OO / class diagram

classDiagram
    direction LR
    class SharedApmWorkflow {
        <<ReusableWorkflow>>
        +import-schema: packages, apps[], single-app
        +jobs: apm-prep, apm
        +pre-agent-steps: download, validate, restore
    }
    class ApmPrepJob {
        <<Initializer>>
        +outputs.matrix: JSON
        +normalize(packages, single-app, apps) ApmGroup[]
    }
    class ApmJob {
        <<MatrixIterator>>
        +strategy.matrix.group: ApmGroup
        +mint, pack, upload
    }
    class ApmGroup {
        <<ValueObject>>
        +id string
        +app-id string
        +private-key string
        +owner string
        +repositories string
        +packages string[]
    }
    class CreateGitHubAppToken {
        <<ConcreteStrategy>>
        +mints installation token per replica
    }
    class ApmAction {
        <<Adapter>>
        +pack mode
        +restore mode (bundles-file: NEW)
    }
    class PreAgentSteps {
        <<RestorePhase>>
        +download apm-* artifacts
        +validate against matrix manifest
        +restore via bundles-file
    }
    SharedApmWorkflow *-- ApmPrepJob
    SharedApmWorkflow *-- ApmJob
    SharedApmWorkflow *-- PreAgentSteps
    ApmJob *-- ApmGroup : iterates
    ApmJob ..> CreateGitHubAppToken : conditional
    ApmJob ..> ApmAction : pack
    PreAgentSteps ..> ApmAction : restore
    note for ApmJob "Strategy fan-out: matrix.group selects credential and package set per replica"
    note for ApmAction "NEW upstream input: bundles-file (newline-list)"
    class SharedApmWorkflow:::touched
    class ApmPrepJob:::touched
    class ApmJob:::touched
    class ApmGroup:::touched
    class PreAgentSteps:::touched
    classDef touched fill:#fff3b0,stroke:#d47600

Loading

Execution flow

flowchart TD
    A[Workflow trigger] --> B[activation job]
    B --> C[apm-prep job]
    C -->|"[EXEC] jq normalize, validate ids"| D{matrix size N}
    D --> E1["apm group=default<br/>no mint -> [NET] apm-action pack -> [I/O] upload apm-default"]
    D --> E2["apm group=acme<br/>[NET] create-github-app-token -> [NET] apm-action pack -> [I/O] upload apm-acme"]
    D --> E3["apm group=beta<br/>[NET] create-github-app-token -> [NET] apm-action pack -> [I/O] upload apm-beta"]
    E1 --> F[agent job]
    E2 --> F
    E3 --> F
    F --> G["pre-agent-steps:<br/>[I/O] download-artifact pattern apm-*<br/>[FS] validate count vs matrix manifest<br/>[FS] write bundle list<br/>[EXEC] apm-action bundles-file"]
    G --> H[agent execution with merged apm_modules/]

Loading

Design patterns

• Used in this proposal: Strategy fan-out (matrix.group), ValueObject (ApmGroup), Initializer (apm-prep), Adapter (apm-action), Chain of Responsibility (token env precedence in pack step).
• Pragmatic suggestion: none — the current shape is the simplest correct design at this scope. If apm-action accumulates more than two multi-bundle quirks, extract a microsoft/apm-aw composite action that wraps the matrix machinery; not now.

---

import-schema (final)

import-schema:
  packages:
    type: array
    items: { type: string }
    required: false
    description: >
      Public APM packages or packages reachable via the default token cascade
      (GH_AW_PLUGINS_TOKEN, GH_AW_GITHUB_TOKEN, GITHUB_TOKEN). Optional. At
      least one of packages, single-app inputs, or apps must be provided.

  # Single-app convenience form (canonical for one-org users)
  app-id:
    type: string
    required: false
    description: >
      GitHub App ID. With private-key, mints an installation token for the
      packages listed in packages:. For multiple orgs, use apps: instead.
  private-key:
    type: string
    required: false
    description: PEM private key matching app-id. Required when app-id is set.
  owner:
    type: string
    required: false
    description: App installation owner. Defaults to the current repo owner.
  repositories:
    type: string
    required: false
    description: >
      Repositories the minted token is scoped to. Comma- or newline-separated.
      Empty defaults to the calling repo or the App installation default
      scope. Note: literal "*" is NOT a wildcard for actions/create-github-app-token;
      leave empty for org-wide access via App installation config.

  # Multi-app form (cross-org)
  apps:
    type: array
    required: false
    description: >
      List of GitHub App credential groups. Each entry mints its own
      installation token and packs its own packages. Use when packages span
      multiple orgs requiring different App installations.
    items:
      type: object
      properties:
        id:
          type: string
          required: false
          description: >
            Stable identifier used for matrix-row and artifact naming.
            Auto-derived from owner (slugified) when omitted. Required when
            two entries share the same owner.
        app-id:        { type: string, required: true }
        private-key:   { type: string, required: true }
        owner:         { type: string, required: false }
        repositories:  { type: string, required: false }
        packages:
          type: array
          items: { type: string }
          required: true

Workflow shape

jobs:
  apm-prep:
    runs-on: ubuntu-slim
    needs: [activation]
    permissions: {}
    outputs:
      matrix: ${{ steps.compute.outputs.matrix }}
    steps:
      - id: compute
        env:
          AW_APM_PACKAGES: ${{ github.aw.import-inputs.packages }}
          AW_APM_APPS: ${{ github.aw.import-inputs.apps }}
          AW_APM_LEGACY_APP_ID: ${{ github.aw.import-inputs.app-id }}
          AW_APM_LEGACY_PRIVATE_KEY: ${{ github.aw.import-inputs.private-key }}
          AW_APM_LEGACY_OWNER: ${{ github.aw.import-inputs.owner }}
          AW_APM_LEGACY_REPOS: ${{ github.aw.import-inputs.repositories }}
        run: |
          set -euo pipefail
          packages_json=${AW_APM_PACKAGES:-null}
          apps_json=${AW_APM_APPS:-null}
          legacy_id=${AW_APM_LEGACY_APP_ID:-}

          groups=$(jq -nc \
            --argjson packages "$packages_json" \
            --argjson apps "$apps_json" \
            --arg legacy_id "$legacy_id" \
            --arg legacy_pk "${AW_APM_LEGACY_PRIVATE_KEY:-}" \
            --arg legacy_owner "${AW_APM_LEGACY_OWNER:-}" \
            --arg legacy_repos "${AW_APM_LEGACY_REPOS:-}" \
            'def slug(s): s | gsub("[^a-zA-Z0-9-]"; "-") | ascii_downcase | .[0:32];
             def with_id(g):
               g + (if (g.id // "") == "" then {id: ("auto-" + slug(g.owner // "default"))} else {} end);
             [
               (if (($packages // []) | length) > 0 and $legacy_id == ""
                  then [{id:"default",("app-id"):"",("private-key"):"",owner:"",repositories:"",packages:$packages}]
                  else [] end),
               (if $legacy_id != ""
                  then [with_id({id:"legacy",("app-id"):$legacy_id,("private-key"):$legacy_pk,owner:$legacy_owner,repositories:$legacy_repos,packages:($packages // [])})]
                  else [] end),
               (($apps // []) | map(with_id(.)))
             ] | add // []')

          count=$(echo "$groups" | jq 'length')
          if [ "$count" = "0" ]; then
            echo "::error::shared/apm.md import provided no packages. Add packages: <list> or apps: <list> in the with: block."
            exit 1
          fi

          dups=$(echo "$groups" | jq -r '[.[].id] | group_by(.) | map(select(length > 1) | first) | join(", ")')
          if [ -n "$dups" ]; then
            echo "::error::duplicate apm group ids after auto-derivation: $dups. Set apps[].id explicitly when two entries share the same owner."
            exit 1
          fi

          while IFS= read -r id; do
            if ! [[ "$id" =~ ^[a-z0-9-]{1,32}$ ]]; then
              echo "::error::invalid apm group id: $id (lowercase alphanumeric and dashes, 1-32 chars). Set apps[].id explicitly."
              exit 1
            fi
          done < <(echo "$groups" | jq -r '.[].id')

          echo "matrix={\"group\":$groups}" >> "$GITHUB_OUTPUT"
          printf "::notice::APM matrix: %d group(s)\n" "$count"
          echo "$groups" | jq -r '.[] | "  - " + .id + " (" + (.packages | length | tostring) + " package(s))"'

  apm:
    runs-on: ubuntu-slim
    needs: [activation, apm-prep]
    permissions: {}
    strategy:
      fail-fast: false
      matrix: ${{ fromJSON(needs.apm-prep.outputs.matrix) }}
    steps:
      - name: Mint installation token
        id: token
        if: ${{ matrix.group.app-id != '' }}
        uses: actions/create-github-app-token@v3.1.1
        with:
          app-id: ${{ matrix.group.app-id }}
          private-key: ${{ matrix.group.private-key }}
          owner: ${{ matrix.group.owner != '' && matrix.group.owner || github.repository_owner }}
          repositories: ${{ matrix.group.repositories }}

      - name: Render package list
        id: list
        env:
          AW_PKG: ${{ toJSON(matrix.group.packages) }}
        run: |
          DEPS=$(echo "$AW_PKG" | jq -r '.[] | "- " + .')
          { echo "deps<<DOC"; printf '%s\n' "$DEPS"; echo "DOC"; } >> "$GITHUB_OUTPUT"

      - name: Pack
        id: pack
        uses: microsoft/apm-action@<NEW_VERSION>
        env:
          GITHUB_TOKEN: ${{ steps.token.outputs.token || secrets.GH_AW_PLUGINS_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
        with:
          dependencies: ${{ steps.list.outputs.deps }}
          isolated: 'true'
          pack: 'true'
          archive: 'true'
          target: all
          working-directory: /tmp/gh-aw/apm-workspace

      - uses: actions/upload-artifact@v7
        with:
          name: ${{ needs.activation.outputs.artifact_prefix }}apm-${{ matrix.group.id }}
          path: ${{ steps.pack.outputs.bundle-path }}
          retention-days: '1'

pre-agent-steps:
  - uses: actions/download-artifact@v8.0.1
    with:
      pattern: ${{ needs.activation.outputs.artifact_prefix }}apm-*
      path: /tmp/gh-aw/apm-bundles
      merge-multiple: false

  - name: Validate downloaded bundles match matrix manifest
    env:
      EXPECTED_MATRIX: ${{ needs.apm-prep.outputs.matrix }}
      ARTIFACT_PREFIX: ${{ needs.activation.outputs.artifact_prefix }}
    run: |
      set -euo pipefail
      expected=$(echo "$EXPECTED_MATRIX" | jq -r --arg prefix "$ARTIFACT_PREFIX" '.group | map($prefix + "apm-" + .id) | sort | .[]')
      actual=$(ls /tmp/gh-aw/apm-bundles | sort)
      unexpected=$(comm -23 <(echo "$actual") <(echo "$expected") || true)
      missing=$(comm -13 <(echo "$actual") <(echo "$expected") || true)
      if [ -n "$missing" ]; then
        echo "::error::missing APM bundles (group did not pack successfully): $missing"
        exit 1
      fi
      if [ -n "$unexpected" ]; then
        echo "::error::unexpected artifact in apm bundle download: $unexpected"
        exit 1
      fi

  - id: bundles
    run: |
      mapfile -t list < <(find /tmp/gh-aw/apm-bundles -name '*.tar.gz' | sort)
      [ ${#list[@]} -gt 0 ] || { echo '::error::no apm bundles found'; exit 1; }
      printf '%s\n' "${list[@]}" > /tmp/gh-aw/apm-bundle-list.txt

  - uses: microsoft/apm-action@<NEW_VERSION>
    with:
      bundles-file: /tmp/gh-aw/apm-bundle-list.txt

User-facing forms (three side-by-side, in HTML doc-comment)

# Public + default-token packages
imports:
  - uses: shared/apm.md
    with:
      packages:
        - microsoft/apm-sample-package

# Single GitHub App (one org)
imports:
  - uses: shared/apm.md
    with:
      app-id: ${{ vars.APP_ID }}
      private-key: ${{ secrets.APP_PRIVATE_KEY }}
      owner: my-org
      packages:
        - my-org/my-private-skills

# Multiple GitHub Apps (cross-org)
imports:
  - uses: shared/apm.md
    with:
      packages:
        - microsoft/apm-sample-package
      apps:
        - id: acme
          app-id: ${{ vars.ACME_APP_ID }}
          private-key: ${{ secrets.ACME_KEY }}
          owner: acme-org
          packages:
            - acme-org/acme-skills/skills/code-review
        - app-id: ${{ vars.BETA_APP_ID }}
          private-key: ${{ secrets.BETA_KEY }}
          owner: beta-org
          packages:
            - beta-org/beta-pkg

---

Per-persona findings (panel review)

Python Architect

Strategy fan-out via matrix.group, ApmGroup ValueObject, and the apm-prep Initializer fit the existing APM pattern set cleanly. The two-job split (apm-prep -> apm[matrix]) eliminates the need for compile-time matrix synthesis. jq chosen over python3 for runner-portability. Diagrams and Design-patterns subsection above.

GH Actions Workflows Expert (co-lead)

fromJSON(needs.<job>.outputs.matrix) is the canonical GA pattern for dynamic matrices; secrets references inside JSON-marshaled apps[] survive substitution and are evaluated by GA at runtime. pattern: apm-* on actions/download-artifact@v8 enables wildcard discovery. Cache strategy (per-group cache key) deferred to a follow-up alignment with upstream gh-aw/.github/workflows/shared/apm.md.

CLI Logging Expert

• L2: pre-agent-steps now validates downloaded count vs matrix manifest, naming missing groups so users can find the failed replica.
• L3: per-bundle restore visibility (one ::notice:: per bundle) is REQUIRED in the upstream apm-action bundles-file: PR.
• L5: bundle conflict resolution (last-wins vs error) MUST be specified in the upstream contract.

DevX UX Expert

Single-app top-level form kept first-class (no double-deprecation drama). apps[].id auto-derived from owner (escape hatch for same-owner collisions). Error messages name the offending input and the next action. Three-form documentation block lands in the HTML doc-comment AND in docs/src/content/docs/enterprise/. repositories: "*" gotcha documented inline.

Supply Chain Security Expert

• S1 PASSED: per-app token scoping is BETTER than the deprecated dependencies.github-app form (least privilege per credential group by construction).
• S3 PASSED: secrets references survive JSON marshaling unevaluated; GA evaluates at runtime; no PEM ever logged. Add a review-checklist line: never echo $matrix / echo $groups in apm-prep.
• S4 REQUIRED: validate downloaded artifact names against the matrix manifest before restore (defends against same-run artifact-name collision attacks). Now in the design.
• S6 HARD PREREQUISITE: upstream apm-action bundles-file: PR must specify (a) path validation within workspace, (b) per-tarball path validation, (c) path_security guards on extraction, (d) deterministic conflict resolution with refusal or a ::warning:: on collision. shared/apm.md does not merge until that contract is written.

Auth Expert

Not activated -- design touches workflow-level token minting only (actions/create-github-app-token + matrix). No fast-path file in src/apm_cli/core/ is touched; AuthResolver, host classification, and HTTP authorization headers are unchanged.

OSS Growth Hacker

Side-channel to CEO: this unblocks the enterprise platform-engineering audience (orgs with multiple internal package repos behind separate App installations) -- the Lorenzo-Storelli-style usage. Story angle: "the package manager that respects your org boundaries." Three-forms block doubles as docs/enterprise example. No WIP/growth-strategy.md change mid-design; insight to be appended after ship.

---

CEO arbitration

Specialists are aligned. UX provided the most aggressive revisions, the architects adopted them in iteration 3, security added one hard prerequisite (upstream apm-action contract), and logging captured two upstream requirements. No specialist disagreed with another, so no arbitration was needed beyond ratifying the two-PR sequencing:

• PR-A (upstream): microsoft/apm-action gains bundles-file: input. Contract spec written first per S6.
• PR-B (this design): shared/apm.md v3 in microsoft/apm, pinning the new apm-action version. Closes shared/apm.md: support multiple GitHub Apps per workflow for multi-org private packages #983.

Position as additive multi-org support, not a deprecation of #982. CHANGELOG line: shared/apm.md: cross-org private packages via apps[] (multiple GitHub App installations per workflow).

---

Required actions before merge

1. Open and merge upstream microsoft/apm-action PR adding bundles-file: input with the security contract from S6 (path validation, extraction guards, deterministic conflict resolution).
2. Tag a new apm-action release; pin it in PR-B.
3. In PR-B, replace <NEW_VERSION> placeholders in the workflow shape above.
4. Update docs/src/content/docs/enterprise/ (private packages section) with the three-forms block.
5. Add CHANGELOG entry under [Unreleased].
6. Add a review-checklist note: never echo matrix/groups variables in apm-prep (S3 mitigation).

Optional follow-ups

• Align cache strategy with upstream gh-aw/.github/workflows/shared/apm.md (per-group cache key + lock-file hash) in a separate PR.
• If apm-action accumulates 3+ multi-bundle quirks, extract a microsoft/apm-aw composite action wrapping the matrix machinery.
• Append tactical insight to WIP/growth-strategy.md after the change ships.

---

Validation evidence

• gh-aw import-schema array-of-objects support: pkg/parser/import_field_extractor.go:603-722 (validateImportInputType -> validateObjectInput).
• gh-aw array-as-JSON substitution: pkg/parser/import_field_extractor.go:798-812 (substituteImportInputsInContent).
• gh-aw job-merge-by-key (the constraint that motivates this design): pkg/parser/import_field_extractor.go:360-363.
• actions/create-github-app-token@v3.1.1 pinned in gh-aw/pkg/workflow/action_pins.json (sha 1b10c78c7865c340bc4f6099eb2f838309f1e8c3).

[github-actions]

Triage decision

needs-design

Proposed labels

theme/portability
area/multi-target
area/ci-cd
area/docs-site
type/feature
status/needs-design

Milestone

null

Suggested next action

Draft a design doc that (a) validates gh-aw input schema support for arrays-of-objects, (b) specifies bundle merge semantics and lockfile provenance across N pack runs, and (c) selects one of the three proposed approaches; link it back here before any PR opens.

Suggested issue comment

This is a well-reasoned feature request that extends APM's private-package story to multi-org setups. The user need is real and the structural blockers are correctly identified.

Triage summary:

- **User need**: Consuming private APM packages from multiple orgs with different GitHub App installations in one agentic workflow. The current single-app limitation forces workflow splitting or local `shared/apm.md` forks.
- **Security posture**: The multi-app pattern (one token per org) is actually the right least-privilege design. The key risk to address in the design is bundle merge semantics -- when N pack runs merge their output, lockfile provenance must remain unambiguous per org.
- **Design decision required**: Three options are proposed, each with real feasibility unknowns:
  1. Matrix-strategy pack + merge job: viable but adds pipeline complexity.
  2. Composite action wrapper with `apps:` array input: cleanest UX but requires gh-aw schema validation for arrays-of-objects inputs first.
  3. Documented multi-workflow split: no YAML complexity, ergonomically inferior but ships immediately.
- **Docs gate**: whichever option is chosen, a guide documenting the multi-org private package pattern is required (`area/docs-site` added as secondary label).

Decision: **needs-design**. What must be designed: (a) gh-aw input schema feasibility for arrays-of-objects, (b) bundle merge semantics and lockfile provenance across N pack runs, (c) which of the three approaches is pursued.

Next step: draft a design doc (a GitHub Discussion or a section in a draft PR description) covering the three decision points above, and link it back here. The #982 single-app case is the correct baseline to extend from.

Per-lens notes (collapsed)

DevX UX Expert -- User-Need Reviewer

The request maps to a real user task: consuming private packages from multiple orgs in a single agent workflow. The hypothetical apps: input syntax is ergonomically clean and mirrors the npm workspaces mental model. The "one workflow per source org" workaround works but breaks workflow composition -- a valid DX concern. The composite-action option (approach 2) would preserve the cleanest user-facing API if gh-aw input constraints allow it.

Supply Chain Security Expert -- Risk-Surface Reviewer

Multi-app token minting is the correct least-privilege pattern: one installation token per org rather than one broad cross-org token. The design must explicitly address bundle merge integrity: when two pack runs produce artifacts that are merged, the lockfile must record which packages came from which org and via which App installation. Without this, a compromised org-B package could shadow an expected org-A package in the merged bundle without a visible audit trail.

OSS Growth Hacker -- Contributor-Tone Reviewer

Not activated -- danielmeppiel is the project maintainer/admin. No first-time-contributor tone adjustment needed. The reply should be direct and design-focused.

Python Architect -- Architecture Reviewer

The two structural blockers (job name collision in gh-aw import resolver; single-owner token minting) are correctly diagnosed. Approach 1 (matrix-strategy) is architecturally cleanest for parallel token minting but requires a merge step. Approach 2 (composite action) is the cleanest user surface but needs gh-aw array-of-objects input validation first -- this is the design gate for the most ergonomic path. Approach 3 (documented split) is the zero-complexity option. Recommend validating gh-aw schema constraints before committing to approach 2. Must be status/needs-design until the schema validation is done.

Doc Writer -- Documentation Reviewer

Whichever approach is chosen, the docs gate is a multi-org private package guide in docs/src/content/docs/guides/ covering the supported pattern end-to-end. If approach 3 (documented split) is chosen, that guide IS the feature. area/docs-site added as secondary label to remind the implementing PR. The issue itself is clearly written and well-referenced; no clarification needed from the author.

APM CEO -- Triage Arbiter

Accept-in-principle, needs-design before code. The multi-org private package case is part of APM's portability story and will matter as enterprise adoption grows. The gh-aw schema constraint is the critical unknown: if arrays-of-objects are not supported, only approaches 1 and 3 are on the table. The design doc gates the PR; no milestone until the design is settled. Lockfile provenance across merged bundles is non-negotiable in the design (Supply Chain Security Expert finding).

---

Triage status: agentic proposal pending human ratification.
Silence is approval. Maintainers can:

• Override any label or milestone above by editing it directly --
  human edits are authoritative and will not be reverted on
  subsequent runs.
• Re-trigger triage by applying the status/needs-triage label, or
  by removing status/triaged to enroll the issue in the next
  daily sweep.

Posted by the Triage Panel workflow. See .apm/skills/apm-triage-panel for the panel skill.

Generated by Triage Panel · ● 1.8M · ◷